Surviving Cyberwar Published

Tuesday, June 15, 2010

Richard Stiennon


After a five month period of editing, indexing, and finally printing, Surviving Cyberwar has been published by Government Institutes, an imprint of Scarecrow Press, a division of the Rowman and Littlefield company. 

Here is the story of how and why I wrote a book on cyberwar.

The very first presentation I gave as a Gartner analyst included a slide that had been in the standard "keep the bad guys out" pitch that must have dated back to 1998. 

The "Threat Hierarchy" listed in ascending order:





Information Warfare

Sometime in 2007, post Estonia, I realized that this hierarchy was actually a timeline.

I started to research state sponsored attacks looking for examples that would meet my criteria for cyberwarfare: the combination of network attacks with tanks rolling across borders.

On August 8, 2008 Russia sent tanks across the border into South Ossetia while there were simultaneous attacks on Georgian networks and I decided to write Surviving Cyberwar.

I picked narrative non-fiction because I have already written over 300,000 words here on on threatchaos in essentially that manner and I wanted to write a book that would have broad appeal. 

I also decided not to water down the technical aspects. I would not shy away from technical concepts but would explain them in a way that any regualr reader of the New York Times, Wall Street Journal, or this blog could pick up.

I also sought to tell the stories of the people involved in conducting cyber research and defense. I knew I get to them.

The attackers are a little more elusive. 

Shawn Carpenter of Titan Rain fame became the lead off story on cyber espionage, and Barrett Lyon, founder of Prolexic, provided the hook for the DDOS theme.

The hardest part about writing a book on cyber threats is they do not stop while you are writing.  The infiltration of the Dali Lama's network (GhostNet) he DDoS attacks on US and South Korean websites of last summer, the USB thumbdrive infection in the US Military, all had to be incorporated as they happened. 

One month after submitting the manuscript Google made their announcement that Chinese hackers had targeted their sourcecode and Chinese users.

My biggest worry as I wrote was that an accomplished journalist from the NYT or FT would be writing essentially the same book. Thankfully that did not happen. 

However, Richard Clarke and Robert Knake beat me to publishing with Cyber War: The Next Threat To National Security and What To Do About It. They were just in time to fuel the raging debate on terminology vs substance that may have reached its pinnacle last week with a face off between the real threat camp and the over-hyped camp (which went to the real threat side.)

Clarke has his constituency: policy makers and agencies that hire his consulting firm. I have mine: enterprise security practitioners and vendors.

I could not afford to alienate the people I work with by selling FUD and predicting scenarios of massive power outages, loss of communications, and embarrassing cyber-katrina incidents that will reflect poorly on policy makers. 

Who needs to take a hysterical stance when there are so many interesting events that have already occurred and, when taken together, tell a story that is well worth paying attention to if you are responsible for your organization's security? And yes, policy makers should take a level headed approach to the changing dynamic in geo-politics.

You will not find any scenarios of doom in Surviving Cyberwar. They are not needed. 

Militaries around the world are re-organizing around cyber-units, policy makers are engaging in international summits to discuss the threats and what to do about them.

Congress is contemplating over 40 separate bills addressing cyber security issues.  Someone from the security industry had to write a book about cyberwar. I did.


Possibly Related Articles:
Security Awareness
Cyberwar Cyber Security
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.